Install Engines on Tenants in a Multi-Tenant Deployment - Multi-Tenant Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Multi-Tenant Guide
Product
Cortex XSOAR
Version
8
Creation date
2024-02-14
Last date published
2024-04-14
Category
Multi-Tenant Guide
Solution
Cloud
Abstract

Install engines on tenants in a Cortex XSOAR multi-tenant deployment. Configure firewall to allow communication between engine and tenant.

Engines created on child tenants use a different encryption handshake for each child tenant and connect back to the child tenant through the main tenant.

  1. Download and install the engine.

    1. Go to Settings & InfoSettingsIntegrationsEngines.

    2. Create New Engine.

    3. Select and download the appropriate installer file.

    4. Install the engine on the appropriate remote machine.

  2. Propagate the engine to tenants.

    1. Go to Settings & InfoSettingsIntegrationsEngines, select the engine, and click Load-Balancing and Propagation.

    2. Assign one or more engine propagation labels.

    3. If you want to allow the use of the engine for tenant-specific integration instances, select Allow tenants to use this engine for custom integration instances. If you do not select this option, the engine can only be used with integration instances that were assigned to the engine on the main tenant level and were propagated to tenants.

    4. Go to Settings & InfoSettingsTenant Management, and Sync your selected tenant(s).

  3. Go to Settings & InfoSettingsIntegrationsEngines and verify that the engine is connected.

    Ensure that the engine machine can communicate with the main host. You can use Telnet, or any similar tool to check the engine has access to the main tenant before you install it. If there is a firewall you may need to allow access from the machine that hosts the engine, so that it can communicate back on port 443 (or any other port the main host may use) or set an ANY ANY rule.